Abstract : Network security protocols need high configuration workload. We propose a new protocol to reduce this issue: our "Security Capabilities Over Unsecured Topology" (SCOUT) protocol has been designed to search at each IP-based node for the security supported mechanisms on the remote nodes and then to invoke an adequate security channel establishment mechanism. If the remote node does not support any compatible security features, the SCOUT protocol will try to secure the flow at least up the router in the neighborhood of the node. This protocol avoids the administrator manually managing a tunnel for each couple of nodes. This reduces administrator workload and increases network security deployment scalability. We complete the SCOUT protocol presentation by an evaluation of experimental performance and an analysis of vulnerability.
https://hal-enac.archives-ouvertes.fr/hal-01022282
Contributeur : Laurence Porte
<>
Soumis le : mardi 9 septembre 2014 - 10:32:35
Dernière modification le : mardi 30 janvier 2018 - 18:22:03
Document(s) archivé(s) le : mercredi 10 décembre 2014 - 10:30:11
Antoine Varet, Nicolas Larrieu. Security capability discovery protocol over unsecured IP-based topologies. SAR-SSI 2012, 7ème Conférence sur la Sécurité des Architectures Réseaux et Systèmes d'Information, May 2012, Cabourg, France. pp xxx, 2012. 〈hal-01022282〉
